John <[email protected]> wrote: > > There are better systems that have a pure honeypot which actually > > accepts mail (and add the IPs that send mail to a blacklist) > > OK - where do we find one of THOSE?
Unfortunately, THOSE may be a bit too simplistic :( Someone forges an email appearing to come from one of your honeypot addresses, and sends it to a bogus (or on-vacation) address at a legitimate site. The bounce (or vacation response) comes to your honeypot address, causing you to blacklist the legitimate site. No, I am not making this up. More than once I've discovered one of my employer's mail servers on the Spamcop blacklist, causing my home upstream to bounce (as presumed spam) messages I tried to send from office to home. This seemed to have been the mechanism involved. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
